5 matches found
CVE-2020-10571
An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data...
aoirint-psdlayer2dirpy (>=20220819.1.0 <=20220819.2.0), hacktools (>=0.8.0 <=0.26.0) +1 more potentially affected by CVE-2020-10571 via psd-tools (>=1.8.38 <=1.9.28)
psd-tools PYPI version =1.8.38, =20220819.1.0, =0.8.0, =0.1.0, =0.5.1 Source cves: CVE-2020-10571 Source advisory: OSV:GHSA-22JR-VC7J-G762...
CVE-2020-10571
An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data...
add-psd-layer (=0.1.0), agkit (=0.27.0) +38 more potentially affected by CVE-2020-10571 via psd-tools (>=1.10.2 <=1.9.28)
psd-tools PYPI version =1.10.2, =0.1.2, =0.1.1, =0.1.0, =2.0.0, =4.1.0, =0.8.0, =0.1.0, =0.1.6, =2023.0.0, =1.1.0, =2024.0.0, =2024.0.1 and more Source cves: CVE-2020-10571 Source advisory: OSV:PYSEC-2020-91...
CVE-2020-10571
The CVE-2020-10571 issue affects psd-tools prior to v1.9.4, where the Cython implementation of RLE decoding fails to validate input data. This can be triggered by malicious or malformed PSD input, with documented advisories describing a related buffer overflow scenario when the Cython path is use...